Hackers gained unauthorized access to user information on the digital videogame distribution service Steam last weekend, the company that runs the service has said.

Information in the database, which was accessed on Sunday, Nov. 6, included “user names, hashed and salted passwords, game purchases, email addresses, billing addresses and encrypted credit card information,” according to a note that Valve CEO Gabe Newell sent to all Steam accounts on Thursday. Valve forwarded the note to media including Wired.com, saying that the company was “still investigating” whether the information was taken by the hackers.

“We do not have evidence that encrypted credit card numbers or personally identifying information were taken by the intruders, or that the protection on credit card numbers or passwords was cracked,” the note read. “We don’t have evidence of credit card misuse at this time. Nonetheless you should watch your credit card activity and statements closely.”

Valve said on Thursday that it originally believed that only its forums had been compromised and only found later after an investigation that hackers had access to the user information database.

Valve confirmed that some forum accounts had been compromised, saying it will require all users to change their passwords once the message boards are back up.

Since forum accounts are separate from the standard Steam service, the company said it does not plan to force Steam users to change their passwords, but it suggested that it “wouldn’t be a bad idea” to change that as well.